25 results found

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Created 2013-07-16
5,694 commits to master branch, last one a day ago
ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nl...
Created 2015-07-01
11,326 commits to develop branch, last one 20 days ago
317
2.0k
mit
32
Payments for Ruby on Rails apps
Created 2017-02-01
1,778 commits to main branch, last one 4 days ago
175
1.7k
apache-2.0
26
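An open source tool focused on software supply chain security. 墨菲安全 (MurphySec) focuses on software supply chain security, with professional software composition analysis (SCA), vulnerability detection, and a professional vulnerability database.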
Created 2022-03-16
1,449 commits to v3 branch, last one 6 days ago
314
1.6k
apache-2.0
40
A suite of tools to automate software compliance checks.
Created 2017-10-19
16,987 commits to main branch, last one a day ago
116
1.1k
apache-2.0
154
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the ...
Created 2021-12-30
990 commits to master branch, last one 2 months ago
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container ima...
Created 2020-01-28
390 commits to master branch, last one 21 days ago
A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instan...
Created 2021-12-12
101 commits to master branch, last one 2 years ago
165
598
apache-2.0
16
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission t...
Created 2019-12-30
1,444 commits to master branch, last one a day ago
The xAST evaluation benchmark makes security tools no longer a "black box".
Created 2022-12-26
194 commits to main branch, last one 5 days ago
A source code static analysis platform for AppSec enthusiasts.
Created 2023-01-06
433 commits to main branch, last one 7 days ago
prancer platform is an IaC Security engine + Continuous Compliance for your cloud (Azure, AWS, GCP) and Kubernetes environment
Created 2019-02-04
2,130 commits to master branch, last one 6 months ago
92
121
apache-2.0
14
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabas...
Created 2020-09-10
1,063 commits to main branch, last one 7 days ago
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers.
Created 2020-01-20
243 commits to master branch, last one 6 days ago
Checks whether the third-party dependency components of Maven projects have security vulnerabilities.
Created 2020-07-29
31 commits to master branch, last one 2 years ago
29
98
cc0-1.0
9
A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
Created 2021-05-29
14 commits to main branch, last one 29 days ago
Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning
Created 2022-07-04
265 commits to main branch, last one 7 days ago
clojure deps SCA
Created 2021-12-24
118 commits to main branch, last one 3 months ago
15
56
mit
8
Python Elliptic Curve Side-Channel Analysis toolkit.
Created 2019-03-14
755 commits to master branch, last one 14 days ago
This repository has no description...
Created 2021-12-30
27 commits to master branch, last one 4 months ago
Detections for CVE-2021-44228 inside of nested binaries
Created 2021-12-11
20 commits to main branch, last one 3 years ago
8
33
gpl-3.0
1
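RyzeSCA is a software composition analysis tool from the M-SEC community that strengthens DevSecOps; it analyzes and manages the security risks of open source components during software development.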
Created 2023-12-27
4 commits to main branch, last one 12 months ago
Damn Vulnerable SCA Application
Created 2024-02-09
94 commits to main branch, last one 3 months ago
Application security best practices and code implementations for Java developers. This project is intended for didactic purposes only, supporting my training course.
Created 2024-10-09
52 commits to main branch, last one 27 days ago
Automate open source license compliance and ensure software supply chain integrity
Created 2023-12-07
166 commits to main branch, last one 5 days ago